Container-Optimized OS Overview

Container-Optimized OS from Google is an operating system image for your
Compute Engine VMs that is optimized for running Docker containers.
Container-Optimized OS is maintained by Google and based on the open source
Chromium OS project. With Container-Optimized OS, you can bring up your Docker
containers on Google Cloud Platform quickly, efficiently, and securely.

Features and Benefits

Container-Optimized OS provides the following benefits:

Run Containers Out of the Box: Container-Optimized OS instances come
pre-installed with the Docker runtime and cloud-init. With a
Container-Optimized OS instance, you can bring up your Docker container at the
same time you create your VM, with no on-host setup required.

Locked-down by default: Container-Optimized OS instances include a
locked-down firewall and other security settings by default.

Automatic Updates: Container-Optimized OS instances are configured to
automatically download weekly updates in the background; only a reboot is
necessary to use the latest updates.

Limitations

Container-Optimized OS has limited or no support for some of the common
features you may be familiar with on other operating systems:

Container-Optimized OS does not include a package manager; as such, you'll
be unable to install software packages directly on an instance. However, you
can use CoreOS toolbox to install and run debugging and admin tools in an
isolated container.

Container-Optimized OS does not support execution of non-containerized
applications.

You can also use Container-Optimized OS to quickly bring up a Docker container
on a Compute Engine instance with minimal setup. For more information, see
Creating and Configuring Instances.

You can run tools like ping, the gcloud command-line tool, pstree, htop,
emacs and more using the CoreOS toolbox utility, which is pre-installed in
Container-Optimized OS at /usr/bin/toolbox. See Debugging with toolbox for
more information.

Use cases for Container-Optimized OS

Container-Optimized OS can be used to run most Docker containers. You should
consider using Container-Optimized OS as the operating system for your
Compute Engine instance if you have the following needs:

You need support for Docker containers or Kubernetes with minimal setup.

You need an operating system that has a small footprint and is security
hardened for containers.

You need an operating system that is tested and verified for running
Kubernetes on your Compute Engine instances.

Container-Optimized OS may not be the right choice for you in the following
cases:

Your application is not containerized or your containerized application
depends on kernel modules, drivers and other additional packages that
are not available in Container-Optimized OS.

You need professional customer support from a Linux provider (Canonical,
Core OS, Redhat, SUSE, etc).